PT-2019-19996 · Floody · Floody
Publicado
2019-06-04
·
Atualizado
2019-06-04
CVSS v3.1
5.1
Média
| Vetor | AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
floody versions prior to 0.1.1
Description
The issue concerns remote memory exposure. In the affected
floody versions, the write(number) function passes a number to the Buffer constructor, which appends a chunk of uninitialized memory. This can lead to exposure of sensitive data.Recommendations
Update to version 0.1.1 or later.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Floody